Collaborate Disseminate
My predecessor left the company with hostility, leaving no written procedures behind and even destroying some info that was in place.
I’m trying to understand the system /method /algorithym he used to sort each of our client… Continue reading How numbers are assigned a group code [on hold]
I am choosing between the three most used databases, MySQL, Microsoft SQL Server and MongoDB. I have to choose the most secure database from these three.
Does my choice of DBMS has a role in protecting against XSS attacks a… Continue reading Does choice of DBMS matter for protection against XSS and other injection attacks?
I am testing an android app which has DB encrypted (AES-256), I extracted it from system files /data/data//databases, I have following doubts,
How do we ensure that DB is encrypted properly and it is not crackable.
What too… Continue reading How to crack encrypted Android SQLite DB?
To understand this question, it is very important that you first read (or skim) this question. Please do this before continuing. Thanks!
What does this mean?
Continue reading What are the security implications of SE logging sites you visit? [on hold]
I am not sure if this is a proper place to asks this question (if not – feel free to delete this thread).
I am looking for government publicly accessible databases/APIs where I can send a request to check whether a document … Continue reading Government database of lost/invalid documents
I want to bring this up to HostGator, but want to verify my suspicions before making a big fuss.
I asked a customer care representative to help me add an SSL certificate to a site I host with them. When he was done, I receiv… Continue reading Is HostGator storing my password in plaintext?
The Setup: Im building an app to model visually world data. A significant part of this project will be the database since that data is what is interesting. I should only need to allow SELECT queries, and perhaps eventually … Continue reading How safe is it to open source access to MySQL database on github, only permitting SELECT query?
Matthew Green has a super-interesting blog post about information leakage from encrypted databases. It describes the recent work by Paul Grubbs, Marie-Sarah Lacharité, Brice Minaud, and Kenneth G. Paterson. Even the summary is too much to summarize, so read it…. Continue reading Data Leakage from Encrypted Databases
I have long since felt that one of the best ways to effectively implement new security constructs is to implement it in the background, where it is not the primary feature of some new construct. This idea continues to be the … Continue reading Are there examples of implementing security as a side effect?
Say one has to export database data to use in another tool, such as an Excel Spreadsheet or for use as a csv file with some other program.
There’s a problem with this, and that’s that it ends up in an unencrypted form on the… Continue reading Best Practices for exporting sensitive database data and transforming it whilist keeping it encrypted?